Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Increased memoization cache size for language codes.

There may be more than 100 (default maxsize) commonly seen xx-yy values
on some sites. The additional memory consumption isn't significant.

Also added a comment explaining why this cache must have a maxsize.
  • Loading branch information...
commit f356b6ecc3fe15634d504690c1793460e5fe9bee 1 parent e819a3c
Aymeric Augustin aaugustin authored
Showing with 5 additions and 1 deletion.
  1. +5 −1 django/utils/translation/trans_real.py
6 django/utils/translation/trans_real.py
View
@@ -389,12 +389,16 @@ def all_locale_paths():
return [globalpath] + list(settings.LOCALE_PATHS)
-@lru_cache.lru_cache()
+@lru_cache.lru_cache(maxsize=1000)
def check_for_language(lang_code):
"""
Checks whether there is a global language file for the given language
code. This is used to decide whether a user-provided language is
available.
+
+ lru_cache should have a maxsize to prevent from memory exhaustion attacks,
+ as the provided language codes are taken from the HTTP request. See also
+ <https://www.djangoproject.com/weblog/2007/oct/26/security-fix/>.
"""
# First, a quick check to make sure lang_code is well-formed (#21458)
if not language_code_re.search(lang_code):
Please sign in to comment.
Something went wrong with that request. Please try again.